Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Presumably catering to whatever OS is no. 1 without them having been in the picture. Windows is not targeted for viruses because it is insecure, but because it has had probably 70%+ of the market share for the last 10-15 years at least (I don't honestly know how long they've been on top. Heck I was born in 1988 and didn't get a computer in the house 'til 1999).

That needs qualifying as #1 in the HOME market. There are many more servers running various brands of Unix and Linux out there than there are running IIS or Apache on a Windows box (though not an insignificant ammount).

Servers are naturally harder to get viruses or trojans onto them as they're generally not used to surf the web, and the only applications executed on them should be done by a responsible sysadmin - who should know better.

Windows is targeted as it is the #1 Home and Business OS, and as most pe

Windows is targeted as it is the #1 Home and Business OS, and as most people are clueless about how the technology actually works (running with admin privileges, surfing dodgy sites, falling for phishing scams, opening spam emails).

A factor with the "running with admin privileges" is badly written software where the supported method is to have the user, rather than the program (or even part of the program) only having elevated privileges or change the permissions on whatever the program actually needs acc

The cynic in me wonders iff this wasn't such a visible and highlighted Google highlighted would they bothered to push it sooner or even at all or even to let people know there is a problem. But yes it is good you can hold publicly traded company's feet to the fire by having a few countries denounce your product which is totally unlike OSS!

No it goes to show how fast MS can release a patch (and out of their normal cycle) when face with a large amount of negative PR. Normal vulnerabilities usually have to wait til Patch Tuesday. But when Google announces that IE was to blame in a large number of attacks, both France and Germany advises their citizens not to use IE for a while, MS better patch it sooner than later.

I think the other shoe just dropped is what happened. Google proverbially bent over for China repeatedly, with some bad criticisms to discover that they are being attacked by China. They pushed all the cards out to the table. It's worth noting that other companies were also targets of the attacks in question.

MS sat on the bugs for months and only released a patch after public disclosure by Google. How much longer would have they sat on them if it wasn't for the bad PR.

Was it Google or was it several countries, including to large EU members, putting out the message to avoid using the software. AFAIK national governments doing this kind of thing hasn't happened before.

>>Nothing quite like two national governments recommending against using your product to raise the priority of fixing the problem

Nothing like people actually switching browsers in droves because of the warnings to raise the priority of fixing it. Now that they've switched, what are the chances of those lost users switching back?

They also very likely had no intention of fixing the bug, and no tenative patch. Then, the moment they start getting a boatload of bad PR from Google and a couple governments, they have a patch out extremely fast. So yes, it does prove they could have an amazing turnaround, if they spent the resources for it.

Bah, on Linux and *every other OS besides Windows* I can upgrade my websever, test the configuration and restart just the process when I'm ready. I often do the upgrade work a few hours beforehand (when I'm awake) and reboot Apache during a slow period (usually late night).

On Windows you may have to first shutdown the webserver to upgrade, or reboot the entire server, causing a much longer outage than needed.

Or just look at the jar locking hacks Tomcat has to do because you can't replace an in-use jar. I've

You're right my forced reboot was on XP SP3 and IE8 via downloaded patch. I installed earlier in w2k SP4 IE6 via win update and it didn't forced shutdown so it's maybe.. random(tm), still, If you unchecked the box IT SHOULD NOT RESTART! thanks good I'm a beaten wife that know this kind of things happens, didn't lose anything unsaved.

If you use Automatic Updates, and the updates it installs require a reboot, it'll show a 5 minute countdown, after which it'll forcefully reboot. If you happen to not be at the computer when it does, you can say goodbye to any unsaved work you might have had.

Now, if I had that kind of exploit (along with the Windows source code) to play with, and the skills to individually target a specific Google machine, I'd sure as hell make sure to sneak my exploit into the soon-to-appear Microsoft patch site...

And honestly, so far the chinese have struck me as the competent types.

Actually they haven't removed censorship yet. They would be talking with the Chinese government about a way to provide an uncensored search within the law.

"We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China."

As mentioned in my post and in/. front page last week, google has suspeneded the filtering after their announcement. Why re-enabled rather quietly? That part I have problem with. If they have stood up, why backed down? (And the Chinese government only made some general stanard statement, no real threat either. Why is that not mentioned in Western media?) all in all, I'm as disappointed by our media as by the CCP's.

The link in the article [publicaddress.net], even on the day it was posted on slashdot, talked about conflicting reports.

Current status @ 07:20 NZT, 02:20 Beijing time, 14-01-10: Still conflicting reports coming out. It could be that Google has already lifted its own censorship measures. Or it could be that the censorship measures are still up, but because of the intense interest generated (and click-thrus) on sensitive subjects, small holes in the wall are being publicised and magnified.

As long as China is killing people for cheating on their taxes and harvesting their organs, then selling them on the world market, then they are evil. As long as they are imprisoning Christians for their religious beliefs, gang-raping them and sending them to work camps to make plastic gewgaws (like christmas lights) for sale in the US, they are evil. And as long as we buy them, we are also evil.

Why, oh why, have you not logged in? Could it be because you know your ideas are not worth the attachment of a na

"Troll" does not mean "anything with which I disagree". It is trivial to find citations for the examples I give above. Try the China Aid Society first. Or read up on the Chinese Death Vans — they execute ten times more people per capita than the USA that they admit to and actually had vehicles created for the purpose. The condemned enter the vehicle, and they never leave — and their family is not permitted to see the body, which is considered extremely important by nearly all peoples on the plan

Doesnt really make a difference. The great Firewall of China [wikipedia.org] inspects packets for certain words and spoofs a RST packet to break the connection and blocks that IP for x amount of time. I doubt the Chinese can actually see those results. I wouldnt be surprised if the results were IP based (if china IP then censor).

I probably shouldn't respond to this but Google did the right thing. Their employees would be jailed and maybe even executed if they refuse to follow chinese law while operating inside the country. It would be extremely foolish of them to disregard Chinese law while still operating inside the country because as I said it could even get some innocent employee killed. If they abandon the Chinese market and then still keep the results censored, then you have a complaint but until they pull out the Chinese gove

AFAIK, Google never announced that they stopped censoring. So claiming that they "backed-down" is disingenuous. They've already made good on their threat by delaying the release of 2 phones pending talks with the government. Feel free to lambast them once they've concluded the talks and yet still censor results.

I hate to say it, but everyone who thinks Google is going to stand up to losing that much profit (and China IS a land of opportunity for corporations) is fooling themselves. Google is not your friend. Google is a MARKETING COMPANY. They do data mining and advertising. I have no clue why everyone has such a glint in their eye when they think about them.

Google only published this attack as a method of negotiating with the Chinese. Nothing more.

Removing IE is easy, its a wrapper GUI around a browser engine. Delete iexplore.exe, there you deleted IE.

The rendering engine is in a shared DLL thats used by just about everything now days, even if the app doesn't use the renderer directly, the built in help system is HTML based and uses the shared library for its renderer.

Its also used by HTML style dialogs, which are basically dialogs that use HTML to define the layout rather than the old style dialog resources.

Troll? I know the parent missed the point of the GP that the operating system should not depend on an html rendering engine of a buggy browser, but is quite far from a troll. He brings up a good point. There are a lot of apps that for right or wrong use the IE rendering engine, including plenty of in house applications.

As far as removing IE goes, iexplorer.exe will get rid of the gui leaving just the engine behind it. However, removing an html rendering engine should not break an operating system. Years ago

here [techsupportalert.com] is a good way to disable IE and make sure that nothing can access it and all stupefied widows only morons will be forced to use the default browser you set up. There sure as heck would not have a clue as to why IE will not work.

Then remove the entries from the start menu and take all the icons off the desktop. Of course this is not practical with XP but will work just fine with vista and 7 as the updates are independent of the default browser. It will work if you control the updates in XP and only enab

Am I the only one who thinks the headline on this reads like common media spin? So basically Microsoft has a bug that happened to be used against Google and the headline reads like Google was doing some hacking. This only leaves me wondering how much did the Microsoft PR people paid to get that worded that way.

People think that Mac's are expensive, but the safety and security alone are reasons to justify the high price. The sleek, advanced looks are just the icing on the cake.

Uh...OSX is what is safe and secure...not Apple hardware. Install OSX onto a hackintosh [wikipedia.org] and it will be just as secure as your overpriced "icing". Macs ARE expensive, and the low-cost of upgrading to Snow Leopard just proves that you are paying far too much for hardware, not the software that it utilizes.

Come on. If you are gonna fanboy for a single system, at least get your facts straight.

he low-cost of upgrading to Snow Leopard just proves that you are paying far too much for hardware, not the software that it utilizes.

Maybe the hardware is actually no more expensive than the hardware in any Windows PC, and you pay $600 for the original OS X license, and $50 for each service pack. You can't use OS X on anything but Apple hardware, so they can get away with selling Snow Leopard retail for a loss compared to paying through the nose for the version of the OS a Mac ships with.